Results 1 to 5 of 5

Thread: rejecting messages by recepient address

Hybrid View

  1. #1
    Join Date
    Feb 2006
    Posts
    14
    Rep Power
    9

    Default rejecting messages by recepient address

    I'm looking for a (preferably) clean way within ZCS to deny delivery of mail to certain addresses within the domains I administer.

    For example, in my personal domain, I use my "main" address as a wildcard for the domain and give individual sites that want an email address something specific to the site. That way, if one of them "loses" my address to a spammer, I can just "shut off" the address.

    In my pre-Zimbra sendmail days, I did this using the "access" hash table. However, when I try to enable that in procmail on my ZCS server, it does not seem to have any effect.

    Any ideas would be greatly appreciated! (I'm getting sick of getting buried in email to addresses I shut off years ago...)

  2. #2
    Join Date
    Sep 2005
    Posts
    274
    Rep Power
    10

    Default that's easy!

    Just set zimbraMailStatus attribute on the account to "disabled".

    I tested by creating an account like this:
    Code:
    zmprov ca nomailaddr@domain password zimbraMailStatus disabled
    Make sure that password for the account is obscure enough.

    RCPT TO: will be rejected with a 550.

  3. #3
    Join Date
    Feb 2006
    Posts
    34
    Rep Power
    9

    Default

    hi:

    What command did you use for the wildcard? I want to do the same thing, which with sendmail and virtusertable I used to point all email traffic that wasn't for a specific address to a catch all addressL

    @mydomain.com admin@mydomain.com

    I'm wondering how to do that in zimbra.

  4. #4
    Join Date
    Sep 2005
    Posts
    274
    Rep Power
    10

    Default scratch what I said earlier

    Adding the wildcard address would negate the undesirable address having mail status disabled. argh. This time let me give you an example I tested. Let me rephrase your problem:

    example.com - is your domain

    me@example.com - is your account

    friend@example.com - your friend's account in your domain

    bad@example.com - address that you want rejected

    me-store1@example.com - not an account, but by "catch all" means mail is redirected to me@example.com

    Here are the provisioning steps in Zimbra:

    Code:
    zmprov cd example.com
    zmprov ca me@example.com test123 zimbraMailCatchAllAddress @example.com
    zmprov ca friend@example.com test123
    Setting zimbraMailCatchAllAddress on the account causes that account to receive mail for any address on that domain that is not otherwise an account or distribution list or alias. I have to insert my 2c on catch all addresses here - they are usually a very bad and spammers start sending you email to your message-id strings - which look like email addresses (I speak from personal experience) - but hey, to each his own.

    Also "test123" in the example above is a password, so please substitute.

    Now for the part about rejecting mail to bad@example.com. Here is what you need to do (we are thinking of better ways to do this, but for now...):

    - Edit /opt/zimbra/conf/postfix_recipient_restrictions.cf

    - Add this line to it:
    Code:
    check_recipient_access hash:/opt/zimbra/conf/rejected_addresses
    - Note that this access check line should definitely be very early - above permit_sasl_authenticated and permit_mynetworks - so even authenticated or local clients can not email this address.

    - Edit the text file /opt/zimbra/conf/rejected_addresses and add the following line to it:
    Code:
    dance@example.com       REJECT I hate spammers
    - Run this command to create the needed hash db file:
    Code:
    postmap /opt/zimbra/conf/rejected_addresses
    - postfix stop; postfix start

    You should be all set. Test it.

  5. #5
    Join Date
    Feb 2006
    Posts
    14
    Rep Power
    9

    Default That did it!

    Thank you for your help, the (final) suggestion worked perfectly.

    I agree that the catch all is probably a bad idea--it's a relic of my initial domain setup, before I hosted it myself, where it was handled that way by default. That made me get lazy, and then I wound up with several dozen addresses that I'd never remember if I tried to make it go away. The catch all doesn't exist on the newer domains.

Similar Threads

  1. I got Ubuntu and Zimbra working
    By pacsteel in forum Installation
    Replies: 73
    Last Post: 06-23-2008, 12:41 PM
  2. [SOLVED] Zimbra not syncing properly with Address Book and iCal
    By Colin Day in forum CalDAV / CardDAV / iSync
    Replies: 4
    Last Post: 07-13-2007, 09:52 AM
  3. New messages not showing up in outlook
    By bersrker in forum Zimbra Connector for Outlook
    Replies: 4
    Last Post: 01-16-2007, 08:17 AM
  4. Spam assassain not traiing properly!
    By Mike T in forum Administrators
    Replies: 1
    Last Post: 10-09-2006, 02:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •